use <artifactId>artemis-server</artifactId>

[pethers]

By submitting a request, you represent that you have the right to license
your contribution to the community, and agree that your contributions are
licensed under the The Apache Software License, Version 2.0.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: The number of snapshots compared for the base SHA (2) and the head SHA (1) do not match. You may see unexpected removals in the diff.

Consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
maven/org.apache.activemq:artemis-server	2.35.0	🟢 4.9	Details Check Score Reason Code-Review ⚠️ 1 Found 3/29 approved changesets -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 8 binaries present in source code Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
maven/de.dentrassi.crypto:pem-keystore	2.4.0	🟢 4.7	Details Check Score Reason Code-Review ⚠️ 0 Found 1/22 approved changesets -- score normalized to 0 Maintained 🟢 6 7 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 6 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 4 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
maven/io.micrometer:micrometer-commons	1.12.2	🟢 5.6	Details Check Score Reason Code-Review ⚠️ 2 Found 6/29 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during GetBranch(1.11.x): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 9 binaries present in source code
maven/io.micrometer:micrometer-core	1.12.2	🟢 5.6	Details Check Score Reason Code-Review ⚠️ 2 Found 6/29 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during GetBranch(1.11.x): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 9 binaries present in source code
maven/io.micrometer:micrometer-observation	1.12.2	🟢 5.6	Details Check Score Reason Code-Review ⚠️ 2 Found 6/29 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during GetBranch(1.11.x): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 9 binaries present in source code
maven/org.apache.activemq:artemis-commons	2.35.0	🟢 4.9	Details Check Score Reason Code-Review ⚠️ 1 Found 3/29 approved changesets -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 8 binaries present in source code Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
maven/org.apache.activemq:artemis-core-client	2.35.0	🟢 4.9	Details Check Score Reason Code-Review ⚠️ 1 Found 3/29 approved changesets -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 8 binaries present in source code Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
maven/org.apache.activemq:artemis-jdbc-store	2.35.0	🟢 4.9	Details Check Score Reason Code-Review ⚠️ 1 Found 3/29 approved changesets -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 8 binaries present in source code Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
maven/org.apache.activemq:artemis-journal	2.35.0	🟢 4.9	Details Check Score Reason Code-Review ⚠️ 1 Found 3/29 approved changesets -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 8 binaries present in source code Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
maven/org.apache.activemq:artemis-lockmanager-api	2.35.0	🟢 4.9	Details Check Score Reason Code-Review ⚠️ 1 Found 3/29 approved changesets -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 8 binaries present in source code Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
maven/org.apache.activemq:artemis-selector	2.35.0	🟢 4.9	Details Check Score Reason Code-Review ⚠️ 1 Found 3/29 approved changesets -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 8 binaries present in source code Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
maven/org.apache.activemq:artemis-server	2.35.0	🟢 4.9	Details Check Score Reason Code-Review ⚠️ 1 Found 3/29 approved changesets -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 8 binaries present in source code Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
maven/org.jctools:jctools-core	4.0.2	🟢 4.8	Details Check Score Reason Code-Review ⚠️ 1 Found 4/28 approved changesets -- score normalized to 1 Maintained ⚠️ 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 7 SAST tool detected but not run on all commits

Scanned Manifest Files

jms-broker/pom.xml

• org.apache.activemq:artemis-server@2.35.0
• org.apache.activemq:artemis-spring-integration@2.32.0

pom.xml

• de.dentrassi.crypto:pem-keystore@2.4.0
• io.micrometer:micrometer-commons@1.12.2
• io.micrometer:micrometer-core@1.12.2
• io.micrometer:micrometer-observation@1.12.2
• org.apache.activemq:artemis-commons@2.35.0
• org.apache.activemq:artemis-core-client@2.35.0
• org.apache.activemq:artemis-jdbc-store@2.35.0
• org.apache.activemq:artemis-journal@2.35.0
• org.apache.activemq:artemis-lockmanager-api@2.35.0
• org.apache.activemq:artemis-selector@2.35.0
• org.apache.activemq:artemis-server@2.35.0
• org.jctools:jctools-core@4.0.2
• de.dentrassi.crypto:pem-keystore@2.2.2
• io.micrometer:micrometer-core@1.9.5
• jakarta.jms:jakarta.jms-api@2.0.3
• org.apache.activemq:artemis-commons@2.32.0
• org.apache.activemq:artemis-core-client@2.32.0
• org.apache.activemq:artemis-jdbc-store@2.32.0
• org.apache.activemq:artemis-jms-client@2.32.0
• org.apache.activemq:artemis-jms-server@2.32.0
• org.apache.activemq:artemis-journal@2.32.0
• org.apache.activemq:artemis-quorum-api@2.32.0
• org.apache.activemq:artemis-selector@2.32.0
• org.apache.activemq:artemis-server@2.32.0
• org.apache.activemq:artemis-service-extensions@2.32.0
• org.apache.activemq:artemis-spring-integration@2.32.0
• org.jctools:jctools-core@2.1.2

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud